Open this lesson in your favourite AI. It'll walk you through the why, explain the demo, and quiz you on the try-it list.
crates.io is the Rust package registry — everything Rust depends on lives there. cargo add (stabilized in 1.62) is the modern way to add a dep without hand-editing Cargo.toml. Understanding how to evaluate a crate before adding it (download counts, last release, MSRV, license, deps) is a daily skill — Rust's ecosystem is excellent but uneven, and a 30-second crate audit can save you from painful migrations later.
crates.io is Rust's centralized package registry, but evaluating a crate before adding it to your project is a professional skill in itself. You want to check the download trend, last publish date, whether it has a maintained MSRV policy, and whether maintainers respond to issues — a crate that looked active two years ago may be abandoned today. cargo audit checks your entire dependency tree against the RustSec advisory database, catching known CVEs before you ship them.
cargo add three crates: serde with the derive feature, anyhow, tokio with full. Read the resulting Cargo.toml.cargo tree -d shows duplicate dependencies in your build (different versions of the same crate). On a real project, you'll find some — that's normal but a flag for audits.cargo doc --open. Every dep you have generates docs locally. This is gold when you're offline.Use these three in order. Each builds on the one before.
In one paragraph, explain crates.io and how it differs from npm/PyPI culturally — quality bar, naming, supply chain.
When I run `cargo add serde`, walk me through what happens: resolver pass, version selection, lockfile update, manifest write.
I'm evaluating two competing crates (e.g. `reqwest` vs `ureq`, `clap` vs `argh`). What's a 5-minute audit framework — features, deps, MSRV, recent activity, alternatives?
# add a dep — version is auto-resolved to the latest compatible:
$ cargo add serde --features derive
Updating crates.io index
Adding serde v1.0.196 to dependencies.
Features:
+ derive
- rc
# try the same with anyhow + tokio:
$ cargo add anyhow tokio --features tokio/full
# remove a dep:
$ cargo rm anyhow
# what's already in your tree?
$ cargo tree --depth 1
myapp v0.1.0 (./)
├── anyhow v1.0.79
├── serde v1.0.196
└── tokio v1.36.0
# look at a crate's docs:
$ cargo doc --open
# or browse to docs.rs/serde — same contentcargo run